10 April 2018
| Natalie Bannerman
Verizon finds that Ransomware attacks are a key cyber security threat for global organisations according to its 2018 Data Breach Investigations Report (DBIR).
The findings show that Ransomware is the common type of
malware found in 39% of all malware related data breaches, up
50% of last year’s DBIR and accounting for more
than 700 incidents. Other findings indicate that Ransomware
attacks are moving into business critical systems that encrypt
file servers and databases, causing more damage and commanding
bigger ransom requests.
Speaking on the report, George
Fischer, president of Verizon Enterprise Solutions, said:
"Businesses find it difficult to keep abreast of the threat
landscape, and continue to put themselves at risk by not
adopting dynamic and proactive security strategies. Verizon
gives businesses data-driven, real-life views on the
cyber-threat landscape, not only through the DBIR series but
also via our comprehensive range of intelligent security
solutions and services. This 11th edition of the DBIR gives
in-depth information and analysis on what’s really
going on in cybercrime, helping organizations to make
intelligent decisions on how best to protect themselves."
The report also shows that the human factor still continues
to be a key weakness for companies. Employees are still falling
for social attacks, in particular pretexting and phishing make
up 98% of social incidents with 93% of all breaches
investigated. In 96% of cases email is the biggest entry point
and companies are three times more likely to get breached by
social attacks than actual vulnerabilities in its system
demonstrating the need for continuous cyber security
Pretexting incidents particular has been specifically
targeted toward HR staff in order to try and get personal data
to file fraudulent tax returns. 4% of people fall prey to
phishing attacks, 72% of attacks are carried out by outsiders,
27% by internal actors, 2% involved partners and 2% include
Overall 68% of breaches took months to discover despite the
fact that it took minutes for data to be compromised.
"Ransomware remains a significant threat for companies of
all sizes. It is now the most prevalent form of malware, and
its use has increased significantly over recent years. What is
interesting to us is that businesses are still not investing in
appropriate security strategies to combat ransomware, meaning
they end up with no option but to pay the ransom – the
cybercriminal is the only winner here! As an industry, we have
to help our customers take a more proactive approach to their
security. Helping them to understand the threats they face is
the first step to putting in place solutions to protect
themselves," added Bryan Sartin, executive director security
professional services at Verizon.
Looking at the biggest risks per industry, in
Education social engineering targeting
personal information is the biggest risk, as is highly
sensitive research with 20% of attacks being driven by
espionage, with a surprising 11% being done for fun.
In Finance and Insurance
industries, payment card skimmers installed to ATMs is still
the biggest threat but there is also a rise in ATM jackpotting
which involves the use of fraudulently installed software or
hardware to instruct the ATMs to release large sums of
Insider threats are the biggest risks to the
Healthcare industry, posing a greater risk
than external factors as well as human error which remains a
major contributor to additional healthcare risks.
As for the Information sector DDoS attacks
account for approximately 56% of incidents and in the
Public sector cyber-espionage is the greatest
concern with 43% of breaches, targeting both state-secrets and
personal data, are motivated by espionage.
DDoS attacks reached its peak in March with the two biggest
recorded attacks to date, hitting 1.7Tbps.
"Companies also need to continue to invest in employee
education about cybercrime and the detrimental effect a breach
can have on brand, reputation and the bottom line. Employees
should be a business’s first line of defense,
rather than the weakest link in the security chain. Ongoing
training and education programs are essential. It only takes
one person to click on a phishing email to expose an entire
organization," continued Sartin.
The DBIR used collective data from 67 organisations around
the world. In the 2018 edition 5,000 incidents, 2216 breaches
from 65 countries were examined.